Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/zrbDnxLWOsyqi0PeUJrRFQBQ7jc.roa
File: zrbDnxLWOsyqi0PeUJrRFQBQ7jc.roa (raw, json)
Hash identifier: aqcYLza1b+WVQwDIDW66tHZcBumFSpBMjepMQYR77h0=
Subject key identifier: CE:B6:C3:9F:12:D6:3A:CC:AA:8B:43:DE:50:9A:D1:15:00:50:EE:37
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CC10D6A1574C7E71648D5778E4604
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/zrbDnxLWOsyqi0PeUJrRFQBQ7jc.roa
Signing time: Sun 01 Jan 2023 08:04:56 +0000
ROA not before: Sun 01 Jan 2023 08:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399151
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:c1:0d:6a:15:74:c7:e7:16:48:d5:77:8e:46:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ceb6c39f12d63accaa8b43de509ad1150050ee37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f9:7a:76:d9:d6:f1:0b:ef:cb:a0:3c:ae:ad:
ea:be:45:7e:b4:8d:db:2a:37:64:0b:a1:f7:07:5e:
38:13:5b:ac:bb:5a:ef:db:91:aa:71:ee:b9:11:36:
ee:45:6a:78:57:97:f8:89:e4:41:de:f3:57:9f:9d:
bf:1c:76:3e:61:94:eb:74:cc:f2:af:d2:e8:b0:34:
42:53:1f:a6:e1:52:de:c5:a5:8d:d5:47:d5:ab:28:
50:f6:46:df:05:07:c0:64:5d:8a:82:50:db:73:0f:
49:1c:78:f4:f6:7e:31:2b:d5:85:0b:b8:d5:83:a5:
51:e3:cf:2e:d8:6d:77:a4:4f:f7:17:c5:d0:d5:f9:
4a:ba:15:e6:91:71:61:51:e7:50:1a:ca:7d:18:38:
4f:79:c2:43:f1:70:8f:ad:3e:23:04:7a:a9:b7:73:
3c:d6:b8:8c:a2:24:3a:26:61:e7:d5:17:36:b6:3a:
46:0e:99:60:c6:7e:8b:94:93:3b:75:bb:66:ff:f5:
82:05:c1:b0:d5:79:4a:db:e1:85:d1:67:25:ca:79:
4c:2a:ca:02:3c:5d:df:3c:ef:19:69:0f:ff:70:4a:
4b:3c:0d:a7:53:64:36:ec:ba:f1:83:32:9e:dd:1e:
e0:4e:0b:51:39:ca:16:fb:08:b6:70:55:de:e6:bc:
78:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B6:C3:9F:12:D6:3A:CC:AA:8B:43:DE:50:9A:D1:15:00:50:EE:37
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/zrbDnxLWOsyqi0PeUJrRFQBQ7jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:27:24:5f:5c:ad:81:5e:39:c2:17:b4:80:85:7d:e7:96:15:
e1:12:ac:39:cd:5c:c3:b0:d9:5d:28:0b:ea:fe:b7:d3:8d:88:
fb:92:55:77:65:a8:0c:af:b8:fa:2e:18:75:c0:0c:d0:78:9c:
c5:eb:9d:f7:1a:03:0d:02:c2:ad:81:7f:81:81:86:4a:a6:03:
45:93:48:44:c9:06:04:89:c5:af:fa:4b:5b:37:1b:48:a9:4d:
89:e1:b5:ed:e8:d8:d8:bb:12:9e:a2:b2:3e:32:37:9d:c3:4b:
6b:d9:ef:a3:22:35:f4:57:fd:2b:d1:11:5f:e1:ea:e4:a0:5b:
17:76:21:d8:c9:d2:20:e6:c1:12:90:7c:8c:05:b6:5f:9d:c8:
88:e3:1e:0f:e9:21:c0:d0:7a:4c:af:4e:bb:19:7f:5f:64:19:
5c:52:8d:4c:66:34:9f:c3:46:55:fb:05:8e:a0:55:61:f2:6a:
92:27:d7:88:f8:52:ee:fa:ec:53:a4:50:04:f2:95:6f:0d:2a:
02:b4:02:3a:c6:38:65:e4:03:d8:9d:24:db:3c:f3:01:93:04:
c3:cb:22:03:f2:86:1b:18:ed:55:0c:af:c2:d2:35:67:9f:16:
ac:c0:3f:a9:db:22:60:9d:3a:57:69:d2:4b:02:ec:d4:47:e0:
15:89:e6:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXMENahV0x+cWSNV3jkYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI2YzM5ZjEyZDYzYWNjYWE4YjQzZGU1MDlhZDExNTAwNTBlZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifl6dtnW8Qvvy6A8rq3qvkV+tI3b
KjdkC6H3B144E1usu1rv25Gqce65ETbuRWp4V5f4ieRB3vNXn52/HHY+YZTrdMzy
r9LosDRCUx+m4VLexaWN1UfVqyhQ9kbfBQfAZF2KglDbcw9JHHj09n4xK9WFC7jV
g6VR488u2G13pE/3F8XQ1flKuhXmkXFhUedQGsp9GDhPecJD8XCPrT4jBHqpt3M8
1riMoiQ6JmHn1Rc2tjpGDplgxn6LlJM7dbtm//WCBcGw1XlK2+GF0WclynlMKsoC
PF3fPO8ZaQ//cEpLPA2nU2Q27LrxgzKe3R7gTgtROcoW+wi2cFXe5rx4lQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM62w58S1jrMqotD3lCa0RUAUO43MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvenJiRG54TFdPc3lxaTBQZVVKclJGUUJRN2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBfJyRfXK2BXjnCF7SA
hX3nlhXhEqw5zVzDsNldKAvq/rfTjYj7klV3ZagMr7j6Lhh1wAzQeJzF6533GgMN
AsKtgX+BgYZKpgNFk0hEyQYEicWv+ktbNxtIqU2J4bXt6NjYuxKeorI+Mjedw0tr
2e+jIjX0V/0r0RFf4erkoFsXdiHYydIg5sESkHyMBbZfnciI4x4P6SHA0HpMr067
GX9fZBlcUo1MZjSfw0ZV+wWOoFVh8mqSJ9eI+FLu+uxTpFAE8pVvDSoCtAI6xjhl
5APYnSTbPPMBkwTDyyID8oYbGO1VDK/C0jVnnxaswD+p2yJgnTpXadJLAuzUR+AV
ieZR
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org